Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2)
Details
This update for the Linux Kernel 4.4.121-92_95 fixes one issue.
The following security issue was fixed:
CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user could cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bsc#1119947).